Educause Security Discussion mailing list archives
Re: [External Sender] [SECURITY] Restricting PC Admin Rights
From: "Davis, Chris" <CDavis () LOURDES EDU>
Date: Mon, 13 Aug 2018 16:02:38 +0000
For such an easy security measure, this always creates havoc. On the IT side of things, so many things can be prevented with a least privilege model. However, from the other side of the house, we always meet huge resistance because we are “taking away admin rights” from our users. People feel like we don’t trust them. And from a certain point of view that is right. In the security world, we should not trust anyone. But at the same time, the people I really don’t trust are those that are targeting our employees. So, this is measure that gives some quick security at no cost, other than a change in the way our users do things. I will be watching this thread closely. Chris Christopher Davis, Ph.D. Chief Information Officer Assistant Professor of Education Apple Teacher Lourdes University 6832 Convent Blvd | REH 003P | Sylvania, OH 43560 cdavis () lourdes edu<mailto:cdavis () lourdes edu> CyberAware – Be aware. Stay Secure! Lourdes University will never ask you to send sensitive information through unsecure channels. Report any message that asks you to provide or confirm personal information such as credit card and/or bank account numbers, Social Security numbers, passwords, etc. or any other suspicious activity to infosec () lourdes edu. For more information please visit lourdes.edu/cyberaware. CONFIDENTIALITY NOTICE: The contents of this email message and any attachments are intended solely for the addressee(s) and may contain confidential and/or privileged information and may be legally protected from disclosure. If you are not the intended recipient of this message or their agent, or if this message has been addressed to you in error, please immediately alert the sender by reply email and then delete this message and any attachments. If you are not the intended recipient, you are hereby notified that any use, dissemination, copying, or storage of this message or its attachments is strictly prohibited. On Aug 13, 2018, at 11:06 AM, Pardonek, Jim <jpardonek () LUC EDU<mailto:jpardonek () LUC EDU>> wrote: Not sure if there is somewhere else I can get this info, I’m sure it’s been asked before, but I am checking to see how many of your institutions restrict admin rights. We are putting a proposal together to leadership to do exactly that as we have had a number of folks fall for scams that involve the installation of software on their PCs. Thanks, James Pardonek, MS, CISSP, CEH, GSNA Information Security Officer Loyola University Chicago 1032 W. Sheridan Road | Chicago, IL 60660 •: (773) 508-6086<tel:(773)%20508-6086> Loyola University Chicago will never ask you for your username or password. For the lastest information security news at Loyola, please follow us online, Twitter: @LUCUISO Facebook: https://www.facebook.com/lucuiso/ Our Blog http://blogs.luc.edu/uiso/
Current thread:
- Re: Restricting PC Admin Rights, (continued)
- Re: Restricting PC Admin Rights McHugh, Susan (Aug 13)
- Re: Restricting PC Admin Rights Jack Barrett (Aug 13)
- Re: Restricting PC Admin Rights Kevin Ledbetter (Aug 13)
- Re: Restricting PC Admin Rights Gregg, Christopher S. (Aug 14)
- Re: Restricting PC Admin Rights Alex Lindstrom (Aug 14)
- Re: Restricting PC Admin Rights Ronald King (Aug 20)
- Re: Restricting PC Admin Rights McHugh, Susan (Aug 13)
- Re: [External Sender] [SECURITY] Restricting PC Admin Rights Frank Barton (Aug 13)
- Message not available
- Re: Restricting PC Admin Rights Richard Gould (Aug 13)
- Re: Restricting PC Admin Rights Frank Barton (Aug 13)
- Re: Restricting PC Admin Rights Frank Barton (Aug 13)
- Re: Restricting PC Admin Rights Burns, Denis (Aug 13)
- Re: Restricting PC Admin Rights Simanovich, Roman (Aug 13)
- Re: Restricting PC Admin Rights Burns, Denis (Aug 13)